Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/CCFE382ED9F211EBBFDD1D42C4F9AE02.roa
File: CCFE382ED9F211EBBFDD1D42C4F9AE02.roa (raw, json)
Hash identifier: 2nD2vIRemys3tFd/kGJqMsbISuj5dZKc4E6NQvA2++0=
Subject key identifier: B2:20:0F:8F:F6:D9:4C:C1:02:9C:96:2F:DF:BA:AE:1F:99:CD:CB:8F
Certificate issuer: /CN=A91527F9/serialNumber=E6BF46E530DF92298FAC032AFBC98409C4430439
Certificate serial: 33C4
Authority key identifier: E6:BF:46:E5:30:DF:92:29:8F:AC:03:2A:FB:C9:84:09:C4:43:04:39
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5r9G5TDfkimPrAMq-8mECcRDBDk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/CCFE382ED9F211EBBFDD1D42C4F9AE02.roa
Signing time: Fri 22 Mar 2024 02:20:30 +0000
ROA not before: Fri 22 Mar 2024 02:20:30 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 9241
IP address blocks: 110.35.88.0/21 maxlen: 21
113.20.64.0/19 maxlen: 20
113.20.70.0/24 maxlen: 24
113.20.72.0/24 maxlen: 24
113.20.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 04:14:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13252 (0x33c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91527F9/serialNumber=E6BF46E530DF92298FAC032AFBC98409C4430439
Validity
Not Before: Mar 22 02:20:30 2024 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65fceaee-33cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fc:bd:fb:28:bf:09:f2:83:ca:73:bd:7e:26:
bd:02:a5:82:f6:bb:9b:fa:56:c3:9e:d0:82:e8:25:
03:74:7a:79:55:59:e4:4b:f6:fc:87:3e:7a:cc:af:
7f:05:da:37:73:63:1e:a9:6a:c4:a2:1b:98:60:1c:
4d:b0:c1:d8:f7:10:ac:d7:5d:76:14:5d:f7:0a:df:
4e:ed:9d:a9:e1:62:47:95:2f:49:85:89:ea:36:f9:
48:de:7d:64:7b:43:6c:c3:eb:5f:71:11:8a:34:1b:
82:8d:17:76:51:5c:76:62:53:3a:7d:33:eb:ce:98:
7d:07:35:f0:c6:00:29:fc:57:98:26:f2:c5:af:a1:
95:08:4b:99:35:c6:e8:73:13:2a:55:c5:ad:c2:b8:
75:71:a7:92:1a:d5:7b:da:dd:da:8b:c0:02:fd:8c:
cd:5c:03:d4:ce:72:e7:b8:30:a9:cd:6c:73:73:26:
6f:70:62:c8:f9:b7:d8:84:1f:d0:11:48:e1:7a:cf:
8b:46:69:3f:95:39:2f:ec:cb:c4:17:fc:59:dd:a1:
26:d8:6e:fc:dc:83:8e:dc:17:bf:25:9b:2e:66:f9:
85:54:c2:01:3e:32:0c:e7:4a:90:58:df:bb:19:35:
e1:99:e6:9b:ce:aa:c1:92:ce:06:91:b8:10:52:14:
db:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:20:0F:8F:F6:D9:4C:C1:02:9C:96:2F:DF:BA:AE:1F:99:CD:CB:8F
X509v3 Authority Key Identifier:
keyid:E6:BF:46:E5:30:DF:92:29:8F:AC:03:2A:FB:C9:84:09:C4:43:04:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/5r9G5TDfkimPrAMq-8mECcRDBDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5r9G5TDfkimPrAMq-8mECcRDBDk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91527F9/6ED2EBAA1D9A11E2AE93AD8708B02CD2/CCFE382ED9F211EBBFDD1D42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
110.35.88.0/21
113.20.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c5:04:cf:2e:78:20:8e:42:b8:4a:f0:9f:23:29:07:ed:c6:47:
34:17:b5:92:37:bf:db:36:33:9e:64:2c:36:0a:53:e6:ac:b4:
e2:9c:3e:2d:15:8d:aa:38:27:dd:a5:76:9f:bd:0e:ae:6e:b8:
9d:57:d4:54:5b:84:d4:26:2d:2b:da:4a:bc:91:26:f4:5c:0b:
33:cb:8f:fe:0e:f8:a0:6c:3a:26:cf:83:4f:ba:2d:30:4d:b9:
1f:6f:37:d7:f0:f8:8d:27:bf:50:18:8b:87:84:22:f2:ea:61:
0f:9d:f0:86:47:29:a0:4e:9d:9f:ef:b1:21:9a:0f:84:85:d9:
32:dd:5e:15:fc:06:6b:21:d5:8f:23:7c:ae:6f:c8:a3:50:0d:
0b:bc:f0:3e:a9:48:e7:b7:a4:ee:d5:04:fa:a1:6e:35:48:44:
eb:50:fb:fd:fb:9c:56:bb:32:e1:64:44:97:89:dc:43:91:62:
06:da:bd:25:12:87:d4:ab:6a:17:ba:67:c2:ee:f6:35:a2:28:
9d:b7:f8:a8:2d:50:bb:51:dc:54:18:08:61:ce:28:8b:d0:18:
2b:4a:8b:0f:49:79:d6:bf:73:0b:d7:af:8b:d6:2a:30:d7:6f:
c9:b3:b4:21:50:6f:d2:3d:78:51:70:0c:db:98:18:d9:40:0f:
b7:cb:58:e8
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICM8QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTI3RjkxMTAvBgNVBAUTKEU2QkY0NkU1MzBERjkyMjk4RkFDMDMyQUZCQzk4NDA5
QzQ0MzA0MzkwHhcNMjQwMzIyMDIyMDMwWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWZjZWFlZS0zM2NjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqfy9+yi/CfKDynO9fia9AqWC9rub+lbDntCC6CUDdHp5VVnkS/b8hz56zK9/
Bdo3c2MeqWrEohuYYBxNsMHY9xCs1112FF33Ct9O7Z2p4WJHlS9JhYnqNvlI3n1k
e0Nsw+tfcRGKNBuCjRd2UVx2YlM6fTPrzph9BzXwxgAp/FeYJvLFr6GVCEuZNcbo
cxMqVcWtwrh1caeSGtV72t3ai8AC/YzNXAPUznLnuDCpzWxzcyZvcGLI+bfYhB/Q
EUjhes+LRmk/lTkv7MvEF/xZ3aEm2G783IOO3Be/JZsuZvmFVMIBPjIM50qQWN+7
GTXhmeabzqrBks4GkbgQUhTb6wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLIgD4/2
2UzBApyWL9+6rh+ZzcuPMB8GA1UdIwQYMBaAFOa/RuUw35Ipj6wDKvvJhAnEQwQ5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjdGOS82RUQyRUJBQTFE
OUExMUUyQUU5M0FEODcwOEIwMkNEMi81cjlHNVREZmtpbVByQU1xLThtRUNjUkRC
RGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVyOUc1VERma2ltUHJBTXEtOG1FQ2NSREJEay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTI3RjkvNkVEMkVCQUExRDlBMTFFMkFFOTNBRDg3MDhCMDJDRDIvQ0NGRTM4MkVE
OUYyMTFFQkJGREQxRDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBANuI1gDBAVxFEAwDQYJKoZIhvcNAQELBQADggEBAMUEzy54
II5CuErwnyMpB+3GRzQXtZI3v9s2M55kLDYKU+astOKcPi0Vjao4J92ldp+9Dq5u
uJ1X1FRbhNQmLSvaSryRJvRcCzPLj/4O+KBsOibPg0+6LTBNuR9vN9fw+I0nv1AY
i4eEIvLqYQ+d8IZHKaBOnZ/vsSGaD4SF2TLdXhX8Bmsh1Y8jfK5vyKNQDQu88D6p
SOe3pO7VBPqhbjVIROtQ+/37nFa7MuFkRJeJ3EORYgbavSUSh9Srahe6Z8Lu9jWi
KJ23+KgtULtR3FQYCGHOKIvQGCtKiw9Jeda/cwvXr4vWKjDXb8mztCFQb9I9eFFw
DNuYGNlAD7fLWOg=
-----END CERTIFICATE-----
Generated at Tue Apr 2 05:11:07 2024 by rpki-client on console-fra.rpki-client.org